I'm looking for a guide on how to set file permissions for hosting an ASP.NET project in IIS 7.
Full access rights for all files in the project directory to everyone works, but I guess this is not a good idea?
Thanks for your help in advance!
Asked
Active
Viewed 1,005 times
1
-
Nevermind, I just found it myself after all: http://support.microsoft.com/kb/815153/en-us – SilverSurfer Apr 21 '11 at 21:31
2 Answers
0
IIS 7 has some pretty good security around the \inetpub directory already. When adding a site the default id that the worker processes execute under already have all of the permissions necessary.
The only real reason to change these is if you are allowing file uploads to be saved to disk. At which point you are better off creating a directory outside of your site structure and using a virtual directory to point to it.
However, some applications like DotNetNuke, require the worker process to have read/write permissions on the site files themselves, including the web.config. This is generally a very bad idea.
NotMe
- 87,343
- 27
- 171
- 245
-
The reason I asked is that for some reason my site does not run unless I give additional rights to other users. It Might have to do with the fact the the base directory of the site is inside my documents directory, so it doesn't inherit the correct rights, but I am not sure. – SilverSurfer Apr 21 '11 at 22:58
-
@SilverSurfer: I don't think I've ever heard of someone putting a site into the "documents" directory when deployed. Are you editing the site directly on the server itself? – NotMe Apr 21 '11 at 23:54
0
Take a look at the "In Practice" part of my answer to this question:
What are all the user accounts for IIS/ASP.NET and how do they differ?
You should prefer to use "Application Pool Identity" on with IIS7:
